Overview

File _patchinfo of Package patchinfo.27289

<patchinfo incident="27289">
  <issue tracker="cve" id="2022-23484"/>
  <issue tracker="cve" id="2022-23479"/>
  <issue tracker="cve" id="2022-23482"/>
  <issue tracker="cve" id="2022-23483"/>
  <issue tracker="cve" id="2022-23481"/>
  <issue tracker="cve" id="2022-23468"/>
  <issue tracker="cve" id="2022-23480"/>
  <issue tracker="bnc" id="1206307">VUL-0: CVE-2022-23481: xrdp: Out of Bound Read in xrdp_caps_process_confirm_active()</issue>
  <issue tracker="bnc" id="1206312">VUL-0: CVE-2022-23484: xrdp: Integer Overflow in xrdp_mm_process_rail_update_window_text()</issue>
  <issue tracker="bnc" id="1206311">VUL-0: CVE-2022-23483: xrdp: Out of Bound Read in libxrdp_send_to_channel()</issue>
  <issue tracker="bnc" id="1206303">VUL-0: CVE-2022-23479: xrdp: Buffer overflow in xrdp_mm_chan_data_in() function</issue>
  <issue tracker="bnc" id="1206300">VUL-0: CVE-2022-23468: xrdp: Buffer overflow in xrdp_login_wnd_create()</issue>
  <issue tracker="bnc" id="1206306">VUL-0: CVE-2022-23480: xrdp: Buffer overflow in devredir_proc_client_devlist_announce_req</issue>
  <issue tracker="bnc" id="1206310">VUL-0: CVE-2022-23482: xrdp: Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE()</issue>
  <packager>yudaike</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for xrdp</summary>
  <description>This update for xrdp fixes the following issues:

- CVE-2022-23468: Fixed a buffer overflow in xrdp_login_wnd_create() (bsc#1206300).
- CVE-2022-23479: Fixed a buffer overflow in xrdp_mm_chan_data_in() (bsc#1206303).
- CVE-2022-23480: Fixed a buffer overflow in devredir_proc_client_devlist_announce_req() (bsc#1206306).
- CVE-2022-23481: Fixed an out of bound read in xrdp_caps_process_confirm_active() (bsc#1206307).
- CVE-2022-23482: Fixed an out of bound read in xrdp_sec_process_mcs_data_CS_CORE() (bsc#1206310).
- CVE-2022-23483: Fixed an out of bound read in libxrdp_send_to_channel() (bsc#1206311).
- CVE-2022-23484: Fixed a integer overflow in xrdp_mm_process_rail_update_window_text() (bsc#1206312).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places